/ Forside / Teknologi / Udvikling / PHP / Nyhedsindlæg
Login
Glemt dit kodeord?
Brugernavn

Kodeord


Reklame
Top 10 brugere
PHP
#NavnPoint
rfh 3959
natmaden 3372
poul_from 3310
funbreak 2700
stone47 2230
Jin2k 1960
Angband 1743
Bjerner 1249
refi 1185
10  Interkril.. 1146
please try to hack my script
Fra : liquimba


Dato : 05-04-05 05:01

dear hacker friends out there,

i'm a webmaster of a small homepage, and on this site i also have a
password protected area. i have made a small javascript for this and
now i would like to know how 'save' it actually is. i know that you
can't make a real 'secure' thing with javascript, but there are also
quite big differences between the various available password scripts,
and what i have tried here is to find a quite simple solution to make
a 'secure' as possible javascript.

under the following link you can find a test page with an example of
my script, and i really would appreciate if anybody could take a look
at it or maybe try to hack it.


http://www.nrg.to/yuluka/test.html



many thanks in advance,

nate


ps: you can send me responses under the email address on the test
page.

 
 
Benny Nissen (05-04-2005)
Kommentar
Fra : Benny Nissen


Dato : 05-04-05 16:37

liquimba wrote:

> under the following link you can find a test page with an example of
> my script, and i really would appreciate if anybody could take a look
> at it or maybe try to hack it.
>
> http://www.nrg.to/yuluka/test.html

Why ? Your page is:

http://www.nrg.to/yuluka/hidden/hidden.html

--
Benny

Benny Nissen (05-04-2005)
Kommentar
Fra : Benny Nissen


Dato : 05-04-05 16:40

Benny Nissen wrote:
> liquimba wrote:
>
>> under the following link you can find a test page with an example of
>> my script, and i really would appreciate if anybody could take a look
>> at it or maybe try to hack it.
>>
>> http://www.nrg.to/yuluka/test.html
>
>
> Why ? Your page is:
>
> http://www.nrg.to/yuluka/hidden/hidden.html
>

b.t.w.:

function verify()
{
checkname = document.pass.passname.value
checkpass = document.pass.password.value
fullpass = checkname + " " + checkpass //Überprüfung des Namen und PW
marker = false

users = 2 //Anzahl der User
userlist = new Array
userlist[0] = "43253244gdf6468864 4saddad543455654ggsaw323g" //1
userlist[1] = "g868gfdaqef85366376fddfs2
765a66569gfdrooip987ahgn32fg12a" //2


for (i = 0; i < users; i++){
if (fullpass == userlist[i]){
opener.location = "hidden/hidden.html" //Geheime Seite
marker = true
}
}
if (marker == true){
window.close()
}
else {alert("Invalid Password or Name!")
}
}

Erik Ginnerskov (05-04-2005)
Kommentar
Fra : Erik Ginnerskov


Dato : 05-04-05 17:16

liquimba wrote:
> dear hacker friends out there,
> http://www.nrg.to/yuluka/test.html

If you want an unbreakable javascript login, use this:

<form name="user" action="#" onsubmit="location.href = this.code1.value +
'/' + this.code2.value + '.htm'; return false">
<p><input type="text" size="15" name="code1">&nbsp;User name</p>
<p><input type="password" size="15" name="code2">&nbsp;Password</p>
<p><input type="submit" value="Let me in" onclick="location.href =
this.form.code1.value + '/' + this.form.code2.value + '.html'; return
false"></p>
</form>

Let the 'user name' be the name of the directory and the password be the
name of the file (without extension). Don't use ordinairy words for the
login.

No hints are visible in the scripts. With 8 characters in 'user name' and
another 8 characters in the password, it will give you 2,251,875,390,625
times 2 combinations.

Good luck.

--
Yours
Erik Ginnerskov
http://hjemmesideskolen.dk - http://html-faq.dk
http://ginnerskov.frac.dk/



Peter Brodersen (06-04-2005)
Kommentar
Fra : Peter Brodersen


Dato : 06-04-05 01:02

On Tue, 5 Apr 2005 18:15:51 +0200, "Erik Ginnerskov"
<erik@donotspammmeplease.invalid> wrote:

>Let the 'user name' be the name of the directory and the password be the
>name of the file (without extension). Don't use ordinairy words for the
>login.

Well, if the hidden file is placed on an ordinary webhosting server
with other customers running php, the hidden file could easily be
found (even under safe_mode- and open_basedir-restriction).

The following could be used in almost all cases - just change the
value of $otherdir :

<?php
$otherdir = "/etc";
print_r(glob("{{$_SERVER['DOCUMENT_ROOT']},$otherdir}/*",GLOB_BRACE));
?>

Amazingly, the PHP developers don't think this code has any security
impact... (furthermore, the same seems to be the case at most web
hosting companies)

--
- Peter Brodersen

Søg
Reklame
Statistik
Spørgsmål : 177552
Tips : 31968
Nyheder : 719565
Indlæg : 6408847
Brugere : 218887

Månedens bedste
Årets bedste
Sidste års bedste